CAPEC Related Weakness
JSON Hijacking (aka JavaScript Hijacking)
CWE-345Insufficient Verification of Data Authenticity
CWE-346Origin Validation Error
CWE-352
Cross-Domain Search Timing
CWE-208Information Exposure Through Timing Discrepancy
CWE-352
CWE-385Covert Timing Channel
Cross Site Identification
CWE-352
CWE-359Exposure of Private Information ('Privacy Violation')
Cross Site Request Forgery (aka Session Riding)
CWE-306Missing Authentication for Critical Function
CWE-352
CWE-664Improper Control of a Resource Through its Lifetime
CWE-716
CWE-732Incorrect Permission Assignment for Critical Resource
Back to Top